Electronic Filing 

Amendment in Response to Office Action of June 25, 2008 
Application No. 10/789,337 

Amendments to the Claims : 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 

Listing of Claims: 

1. (Currently Amended) A settop terminal in a subscriber television system, the 
settop terminal comprising: 

a first memory having including an encrypted first key and an encrypted device key set 
stored therein; 

a secure element having including a processor and a second memory, wherein the second 
memory is accessible only to the processor and has a private-key of a private-key/public-key pair 
stored therein, wherein the processor is adapted to decrypt the encrypted first key using the 
private-key, and wherein the decrypted first key is used to decrypt the encrypted device key set; 
and 

an adaptive output interface adapted to utilize a device key set to determine a shared- 
secret key with a receiver in communication therewith and adapted to provide an encrypted 
stream of content to the receiver using the shared-secret key to encrypt the stream of content. 

2. (Original) The settop terminal of claim 1, wherein the device key set is used with 
protocols for high-bandwidth digital content protection. 

3. (Original) The settop terminal of claim 1, wherein the device key set is used with 
protocols for digital transmission content protection. 

4. (Original) The settop terminal of claim 1, wherein the adaptive output interface 
includes at least one of a digital visual interface and a High-Definition Multimedia Interface 
[HDMI] . 
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5. (Original) The settop terminal of claim 1, wherein the output interface includes 
an IEEE 1394 interface. 

6. (Original) The settop terminal of claim 1, further including: a second processor 
adapted to receive the decrypted first key and decrypt the encrypted device key set using the 
decrypted first key and provide the decrypted device key set to the adaptive output interface. 

7. (Original) The settop terminal of claim 6, wherein second processor implements 
a symmetric cryptographic algorithm using the device-key set decryptor as a key to decrypt the 
encrypted device-key set. 

8. (Original) The settop terminal of claim 7, wherein the symmetric cryptographic 
algorithm is a 3DES algorithm. 

9. (Original) The settop terminal of claim 7, wherein the symmetric cryptographic 
algorithm is a DES algorithm. 

10. (Original) The settop terminal of claim 1, wherein the encrypted device key set 
and the encrypted first key are stored in the first memory prior to installing the settop terminal in 
the subscriber television system. 

11. (Currently Amended) In a subscriber television system having including a 
headend in communication with a plurality of settop terminals including a given settop terminal, 
the given settop terminal comprising: 

a first memory having including an encrypted first key and an encrypted device key set 
stored therein; 
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a secure element having including a first processor and a second memory, wherein the 
second memory is accessible only to the first processor and has a private-key of a private- 
key/public-key pair stored therein, wherein the first processor is adapted to decrypt the encrypted 
first key using the private -key; 

an input port receiving a stream of content from the headend; 

a second processor adapted to determine from the stream of content whether the content 
of the stream of content is protected and adapted to receive the decrypted first key and decrypt 
the encrypted device key set using the decrypted first key; and 

an adaptive output interface adapted to implement the decrypted device key set to 
determine a shared- secret key with a receiver in communication therewith and, responsive to the 
first processor determining the content is protected, adapted to provide an encrypted stream of 
content to the receiver using the shared-secret key to encrypt the stream of content, and, 
responsive to the first processor determining the content is not protected, adapted to provide the 
stream of content to the receiver^;]] 

12. (Currently Amended) The settop terminal of claim 11, wherein the device key set 
includes is used with protocols for high-bandwidth digital content protection. 

13. (Currently Amended) The settop terminal of claim 11, wherein device key set 
includes is used with protocols for digital transmission content protection. 

14. (Original) The settop terminal of claim 11, wherein the adaptive output interface 
includes at least one of a digital visual interface and a High-Definition Multimedia Interface 
[HDMI] . 

15. (Original) The settop terminal of claim 11, wherein the output interface includes 
an IEEE 1394 interface. 
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16. (Currently Amended) A method of providing a receiver with a stream of content, 
the method implemented in a settop terminal in a subscriber television system, the method 
comprising the steps of: 

decrypting an encrypted first key using a private-key of a private-key/public-key pair 
belonging to the settop terminal, wherein the first key is decrypted inside of a secure-element 
having including a processor and a memory, wherein the private-key is accessible to only the 
processor; 

decrypting an encrypted device key set using the decrypted first key; 
providing the decrypted device key set to an adaptive output interface of the settop 
terminal that is in communication with the receiver ; 

determining a shared- secret key with the receiver using the decrypted device key set; and 
outputting the stream of content to the receiver. 

17. (Original) The method of claim 16, prior to the step of outputting, further 
including the steps of: 

determining whether the content of the stream of content is protected content; and 
responsive to determining the content is protected, encrypting the content of the stream of 
content using the shared-secret key, wherein the output stream of content is encrypted. 

18. (Original) The method of claim 17, prior to the step of encrypting the content, 
further including the steps of: 

receiving a second encrypted stream of content; and 

decrypting the second stream of content, wherein the decrypted second stream of content 
is the stream of content that is encrypted in the encryption step. 
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19. (Currently Amended) A method of providing a receiver with a stream of content, 
the method implemented in a settop terminal in a subscriber television system, the method 
comprising the steps of: 

decrypting an encrypted first key using a private-key of a private-key/public-key pair 
belonging to the settop terminal, wherein the first key is decrypted inside of a secure-element 
having including a processor and a memory, wherein the memory is accessible to only the 
processor and has the private-key stored therein; 

decrypting an encrypted device key set using the decrypted first key; 

providing the decrypted device key set to an adaptive output interface; 

negotiating a shared- secret key with the receiver using the decrypted device key set; 

receiving a stream of content from a headend of the subscriber television system; 

determining whether the receiver is entitled to access the stream of content; 

determining whether the received stream of content is encrypted content; and 

outputting the stream of content to the receiver. 

20. (Currently Amended) The method of claim [[16]] 19, prior to the step of 
outputting, further including the steps of: 

determining whether the content of the stream of content is protected content; and 
responsive to determining the content is protected, encrypting the content of the stream of 
content using the shared- secret key, wherein the output stream of content is encrypted. 

21. (New) The settop terminal of claim 1, wherein the memory of the secure element 
further includes a message private key stored therein that is separate from the private-key, 
wherein the processor of the secure element is further adapted to decrypt data within entitlement 
management messages (EMM) provided by a headend of the subscriber television system to the 
settop terminal using the message private key. 
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22. (New) The settop terminal of claim 11, wherein the memory of the secure 
element further includes a message private key stored therein that is separate from the private- 
key, wherein the processor of the secure element is further adapted to decrypt data within 
entitlement management messages (EMM) provided by the headend of the subscriber television 
system to the settop terminal using the message private key. 

23. (New) The method of claim 16, further comprising: 

providing an entitlement management message (EMM) from a headend of the subscriber 
television system to the settop terminal; and 

decrypting data within the entitlement management message (EMM) using a message 
private key stored within the memory of the secure-element, wherein the message private key is 
separate from the private-key. 

24. (New) The method of claim 19, further comprising: 

providing an entitlement management message (EMM) from the headend of the 
subscriber television system to the settop terminal; and 

decrypting data within the entitlement management message (EMM) using a message 
private key stored within the memory of the secure-element, wherein the message private key is 
separate from the private-key. 
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